serply-automation

Pass

Audited by Gen Agent Trust Hub on Jun 20, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill directs the user to configure an external MCP server endpoint at https://rube.app/mcp to provide the required Serply automation tools.
  • [PROMPT_INJECTION]: The skill instructions rely on dynamic ingestion of tool schemas and descriptions from the Rube MCP server using the RUBE_SEARCH_TOOLS command. This creates a surface for indirect prompt injection if the remote server returns malicious metadata. * Ingestion points: Remote tool metadata and schemas returned by RUBE_SEARCH_TOOLS. * Boundary markers: None identified in the provided workflow. * Capability inventory: RUBE_MULTI_EXECUTE_TOOL, RUBE_REMOTE_WORKBENCH. * Sanitization: No evidence of schema validation or content filtering for remote tool metadata is present.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 20, 2026, 01:40 PM
Security Audit — agent-trust-hub — serply-automation